Releases: kryptobaseddev/cleo
v2026.6.18
Added
Changed
Fixed
- derive Wave 7.5 utils-inline list from source scan + dist assert + packed-install smoke (v2026.6.17 dead-on-import) (provenance: T12012)
Deprecated
Removed
Security
BREAKING CHANGES
v2026.6.17
Published as v2026.6.17 — the v2026.6.16 tag was never published (its release run failed on the new studio-dist gate; fixed by #1100 which this release includes).
Added
- cleo setup wizard e2e: fit-gated Ollama model picker, firstRunComplete flag, whoami summary + TUI offer after first-run, 16-test e2e TTY-simulated suite (provenance: T11983)
- DHQ-087: OAuth refresh-on-use at the E9 chokepoint — expired vault OAT is auto-refreshed before provisioning probe; llm test/stream unified through vault chokepoint (provenance: T11986)
- fix-gen resolves opCoord to handler + core source files; bounded context budget; seeded code-regression scenario (provenance: T11988)
- fix-gen logs redacted, truncated model reply on model-declined and fixgen-not-a-diff outcomes; reply excerpt persisted on DHQ evidence row (provenance: T11989)
- janitor MVP — registration-primary process reaper + stale scope/lock/debris sweep (silent, idempotent) (provenance: T11995)
Changed
Fixed
- Layout-proof CLI entry resolution for gateway auto-start — fixes MODULE_NOT_FOUND in packaged installs (provenance: T12009)
- cleo login exits cleanly after OAuth success — pause stdin after paste-back read to release the event-loop hold (provenance: T12010)
- publish pipeline builds+stages studio-dist before npm publish; tarball gate asserts every files[] entry exists (provenance: T12011)
Deprecated
Removed
Security
BREAKING CHANGES
v2026.6.15
Added
- Ship CLEO Web Studio inside the published @cleocode/cleo package (gateway-served at /studio) (provenance: T11979)
- Batteries-included surface — bare cleo launches TUI, cleo web opens Studio, gateway auto-starts on demand (provenance: T11980)
- One-line installer + OS prereq bootstrap for macOS, Linux, and Windows (provenance: T11981)
- feat(T11982): local-model fit ranking + cleo llm fit (wizard building block) (provenance: T11982)
Changed
Fixed
- DHQ-080: cleo release reconcile now synthesises a minimal plan on the tag-driven path (no prior cleo release plan) (provenance: T11977)
- postinstall respects operator daemon state — no silent re-enable on upgrade (provenance: T11984)
- DHQ-086: codex_responses wire shape fixed — store:false, OpenAI-Beta header, SSE Accept, error-body surfacing (provenance: T11985)
- fix(T11990): gemma3→gemma4 edge-model family in ollama fallback + fit table (live-verified) (provenance: T11990)
Deprecated
Removed
Security
BREAKING CHANGES
v2026.6.14
Gateway-write + agent-tool + Studio interactivity release — the gateway grows the task write-path (streaming subscribe + reorder/bulk-move/assignee), the agent harness gains a real M7 tool catalog (memory/MCP/skills/cron/media) and service-credential injection, Studio becomes an interactive Kanban dispatcher with workgraph + vault views and a multi-theme reskin, and the self-improvement loop becomes runnable from a released install. New harness/tool behaviour remains default-OFF / opt-in; the released CLI is behaviourally compatible with v2026.6.13. 11 PRs (#1049, #1053–#1063), all CI-green through the merge-bar gate.
Added
- Gateway task write-path — streaming subscribe + mutation ops. tasks.subscribe (SSE streaming source) plus tasks.reorder-rank, tasks.bulk-move, and tasks.assignee ops with handlers, and a corresponding SDK regen — the gateway can now drive live task boards over HTTP/SSE. (T11556 / T11785 / T11786; #1053)
- M7 agent-tool catalog. The agent harness gains the first real tool suite — memory, mcp-client, run_skill, cron/todo, and media tools — plus a cron_schedule table + accessor and an ungated cron_schedule tool. (T11947–T11951, T11962; #1054/#1061)
- Channels: Local-TUI ChannelAdapter. The first channel adapter implementation, wiring the Local-TUI surface into the channels layer. (T11952; #1055)
- PSYCHE schema tier (daemon-OFF subset). Bitemporal expired_at + network columns and deriver backoff land as a schema tier — the storage substrate for the PSYCHE loop, shipped inert (daemon-OFF). (T10405; #1060)
- Studio interactive Kanban dispatcher. Studio becomes interactive: a gateway write-path (CORE-First, routed through the gateway SDK), a saga-board rune store, drag-transition dispatch, a Conductor, and SSE live updates — the dispatcher board. (T11557 / T11559; #1059)
- Studio workgraph view + reskin + vault dashboard. A saga-scoped WorkGraphView with a DetailDrawer, a multi-theme reskin shell (5 themes via theme-token rune + /studio/[projectId]/[sagaId] shell), and a read-only vault dashboard over core service facades. (T11558 / T11561 / T11943; #1062)
- Vault: service-credential injection at the tool HTTP boundary. Service credentials are injected at the tool HTTP boundary as sealed handles — agent tools reach external services without ever seeing raw keys. (T11940; #1061)
Changed
- Self-improvement loop runnable from a released install. The selfimprove scenario fixtures now ship in the @cleocode/core dist, so the dogfood loop runs from a released install rather than only from a source checkout. (T11974; #1063)
DevEx
- Merge-bar aggregate gate + cleo check pr. A single merge-bar aggregate CI gate plus a cleo check pr verb consolidates the PR-readiness signal. (T11955 / T11956; #1049)
- DHQ burn — CI/test resilience. Apt-resilient ripgrep install, a gen:tier-snapshot drift gate (auto-regen), a vitest-workspace-resolver fix, and a depends-gate --waive-depends escape hatch (DHQ-077/074/070/071). (T11966 / T11957 / T11953 / T11954; #1057)
v2026.6.13
Pi-harness foundation release — the in-process agentic runner spine, the authority layer that makes autonomous multi-agent execution safe, and the first walking-skeleton of the self-improvement loop. All new runtime behaviour ships default-OFF behind explicit flags; the released CLI is behaviourally identical to v2026.6.12 until those flags are set. 28 PRs (#995–#1019), 120 commits, all CI-green through the PR gate.
Added
- Pi 0.78.1 in-process runner body (the keystone). @earendil-works/pi-*@0.78.1 is embedded as the in-process SkillExecutor runner body via a PiAgentAdapter — Pi's agent loop runs in-process with ZERO authority (it is a client of the daemon, never the DB writer/session issuer/LLM broker). Lands as three sealed stages: S1 a deny-first ToolGuard + typed exit-trap containment surface (pi-execution-env/pi-errors), S2 the adapter body + streaming through the model-runner chokepoint, and S3 CleoSessionStorage persisting over cleo.db through the DB-writer lease. Default-OFF. (T11761 / T11897 / T11898 / T11899; #1005–#1007)
- Per-op output-schema enforcement — closes DHQ-057. A Cleo-native Zod output-schema registry in @cleocode/contracts plus a generic deriveOutputContract backfill gives every operation a validated output contract (419-op catalog; 411 previously lacked one). This is the constrained-output guarantee GenKit would have provided — shipped natively, so --field <jsonpointer> resolves against a known shape. (T11762 / T11900 / T11903; #1008/#1009)
- DB-writer lease (sole-writer authority) + live T5158 heal. A supervisor-arbitrated DbWriterLease makes the daemon the sole cleo.db writer (ends multi-agent write contention — the T5158 data-loss vector — and heals it live with the daemon off), with supervisor-IPC v1.1 (accept-loop router + LeaseAcquire handler + TS lease-ipc-client). (T11627 / T11894 / T11626; #998/#1000/#1003)
- Daemon-issued identity + session manifest. session_manifest table in global cleo.db (+ parentSessionId), daemon connection-scoped session registry (getActiveSession demoted to an @internal fallback), and supervisor session-stamp/ChildRegistry — the daemon now issues WHO an agent is. (T11638 / T11639 / T11640 / T11629; #995/#996/#1001)
- Sealed-credential handle (E10) + single LLM resolver chokepoint (E9) + vault foundation. Credentials decrypt only at the wire — resolvers return a SealedCredential{fetch()} so agents never see keys; one resolveLLMForSystem chokepoint with a SystemOfUse contract + BUILTIN_SYSTEMS_OF_USE registry; accounts table (hermes PooledCredential surface) + global-salt KDF in crypto/credentials.ts. (T11746/T11752/T11753/T11754, T11745/T11747/T11748/T11750/T11751, T11709/T11710; #1010–#1012)
- Agent tool registry + 18 guarded tools + closed dispatch loop. An AgentToolRegistry extends the core tools engine with an agent-facing registry; 18 guarded tools land across terminal/file/search/git and web-search/extract/browser; the core tool-dispatch loop is extended with agent tool handlers — Pi-callable end-to-end. (T1739/T1740/T1741/T1742; #1013–#1016)
- Gondolin micro-VM execution environment (optional-dep sandbox). @earendil-works/gondolin wired as an optional dependency with an availability probe (mirroring the Playwright-optional pattern) — the sandboxed ExecutionEnv for untrusted code execution, kept out of the default install surface. (T11888 / T11908; #1018)
- Self-improvement DHQ loop — walking skeleton. cleo selfimprove run: a leased dual-scope selfimprove_dhq table (+ byte-identical migration + Gate-3 accessor) feeding an engine run-loop with a DHQ adapter (writer-lease-gated), draft-PR-only egress, and budget + circuit-breaker governors. Default-OFF, draft-PR-only — the first dogfooding skeleton, not yet autonomous. (T11889 / T11911 / T11913; #1017/#1019)
Changed
- 4→1 state-machine collapse — the cantbook is THE machine. The four competing execution state machines collapse to one: cleo go autopilot now routes to executePlaybook (default ON), IvtrHandler is redirected onto the playbook runtime, and the deprecated machines (Tessera/WarpChain + the ivtr-loop dead code) are deleted. (T11764 / T11896 / T11805 / T11807; #1002/#1004)
- GenKit demoted to the optional layer above Pi. With Pi as the runner body, GenKit/Dotprompt is no longer the substrate — it is reframed as the optional output-schema/eval layer above the loop (and the output-schema half is already shipped natively via the Zod registry above). (decision D11133)
Fixed
v2026.6.12
Fixed
- Release-provenance writes are now FK-free — kills the DHQ-051 cleo release plan/reconcile FK class. On the consolidated cleo.db the release/provenance drizzle symbols (commits, task_commits, releases, release_commits, pr_*, release_*, brain_release_links) were bound to the bare legacy tables, whose task_id/epic_id carried a cross-domain FK into the bare tasks table — empty after consolidation — so a release upsert aborted on FOREIGN KEY constraint failed. This release completes the task-family cutover: (1) the runtime provenance symbols are rebound onto the PREFIXED consolidated tables (tasks_commits, …), whose task_id/epic_id are plain text with no cross-domain FK, so provenance writes succeed directly; (2) the ensureProvenanceTaskFkParents FK-parent shim and its NULL-on-unresolvable fallback are retired; (3) the task invariant + handoff triggers are restored on the prefixed tables; (4) the missing UNIQUE index on tasks_releases.version (dropped during the consolidation build) is repaired so the release upsert's ON CONFLICT resolves. A latent enum bug is also fixed: task_commits.link_source now emits the valid 'commit-subject' member (the no-CHECK legacy table had silently accepted the out-of-enum 'commit-message'). (provenance: T11883; #987, #992)
v2026.6.11
Fixed
- Cold-open OOM + non-converging migration journal on consolidated DBs. A consolidated cleo.db keeps one shared __drizzle_migrations journal but is reconciled on every open by four migration lineages (tasks/project/nexus/brain); reconcileJournal built its orphan set from only the calling lineage, so each lineage deleted the others' journal rows as "orphans" → the journal never converged (oscillated) and every open re-ran a delete→re-probe→migrate write-transaction under a 30s lock (multi-minute, lock-blocked opens). Combined with per-connection SQLite reservations (mmap 256MB + cache 64MB + temp MEMORY) across uncapped concurrent processes (the auto-respawning daemon + queued opens), this exhausted host memory → OOM/SIGKILL. Fixes: (1) union-guard reconcile — a journal row is a true orphan only if its hash belongs to no lineage sharing the DB (sibling-lineage rows are preserved), so all lineages converge to a stable journal in one pass; (2) UNIQUE(hash) index + INSERT OR IGNORE make re-probes idempotent (structural convergence); (3) per-connection memory bounded for one-shot/CLI opens (mmap_size=0, small cache_size) — the daemon keeps the full hot-page window; (4) fleet fail-safes — --max-old-space-size on the cleo + daemon Node processes, a single-flight lock around cold-open reconcile, and daemon StartLimitIntervalSec/StartLimitBurst. Verified on a 707 MB copy: journal converges and stays stable, cold-open 3m45s→20ms, peak RSS multi-GB→93 MB. (provenance: T11829; #990)
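A small model of the journal oscillation and the union-guard fix described above, added here as an illustration and not taken from the project. The lineage hashes, the function names and the in-memory journal are constructed.

```typescript
// Constructed model of a shared migration journal; all names and hashes are illustrative.
type Lineage = { name: string; hashes: string[] };

const LINEAGES: Lineage[] = [
  { name: "tasks", hashes: ["t1", "t2"] },
  { name: "project", hashes: ["p1"] },
  { name: "nexus", hashes: ["n1"] },
  { name: "brain", hashes: ["b1"] },
];

// INSERT OR IGNORE semantics over a UNIQUE(hash) journal: a re-probe never duplicates a row.
function addMissing(journal: string[], caller: Lineage): string[] {
  const out = journal.slice();
  caller.hashes.forEach((h) => { if (out.indexOf(h) === -1) out.push(h); });
  return out;
}

// Pre-fix behaviour: only the caller's hashes are known, so sibling rows look like orphans.
function reconcileNaive(journal: string[], caller: Lineage): string[] {
  return addMissing(journal.filter((h) => caller.hashes.indexOf(h) !== -1), caller);
}

// Union guard: a row is an orphan only if no lineage sharing the DB owns its hash.
function reconcileUnion(journal: string[], caller: Lineage, all: Lineage[]): string[] {
  const known: string[] = [];
  all.forEach((l) => l.hashes.forEach((h) => known.push(h)));
  return addMissing(journal.filter((h) => known.indexOf(h) !== -1), caller);
}

// Open the DB `rounds` times; each open reconciles all four lineages. Count journal rewrites.
function simulate(useUnion: boolean, rounds: number): { journal: string[]; changes: number[] } {
  let journal: string[] = ["stale0"]; // one true orphan owned by no lineage
  const changes: number[] = [];
  for (let r = 0; r < rounds; r++) {
    let changed = 0;
    LINEAGES.forEach((l) => {
      const next = useUnion ? reconcileUnion(journal, l, LINEAGES) : reconcileNaive(journal, l);
      if (next.slice().sort().join() !== journal.slice().sort().join()) changed++;
      journal = next;
    });
    changes.push(changed);
  }
  return { journal: journal.slice().sort(), changes: changes };
}
```

With the naive orphan set every open rewrites the journal four times and only the last lineage's rows survive; with the union guard the first open converges and later opens write nothing.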
v2026.6.10
Fixed
- Migration journal reconciler — consolidated-DB self-heal. A cold open of a consolidated/sealed cleo.db could hang or fail with E_NOT_INITIALIZED ("Task database not initialized"). Root cause: probeAndMarkApplied ran its CREATE TABLE regex over raw migration SQL including prose comments, capturing phantom table targets (e.g. "…the project-side CREATE TABLE half of that move…") → the migration was never marked applied → Drizzle re-ran a bare CREATE TABLE against an existing table → threw (wrapped in .cause, so the "table already exists" retry guard missed it) → the rejected init-promise poisoned the connection cache → surfaced as a masked E_NOT_INITIALIZED. Fixes: (1) strip SQL line/block comments before DDL-target extraction (reusing the existing stripSqlComments idiom); (2) probe-tolerance for eliminated tables — a CREATE of a table a later migration permanently DROPs (e.g. release_manifests → superseded by releases) now counts as satisfied via a computeEliminatedTables() disposition walk; (3) zero-DDL migrations (pure-DML backfills, DROP-only, index/trigger-only) are gated by the consolidation cutover — pre-consolidation ones are stamped applied, post-consolidation ones are run-once by migrate() (so new backfills/drops actually execute); (4) retry predicates now walk the full err.cause chain; (5) a rejected init-promise is evicted from the connection cache so a transient open failure no longer poisons later callers. (provenance: T11829; #986)
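Fixes (1) and (4) above, sketched as an added TypeScript example that is not the project's code. stripComments, createTargets, isTableExists and the sample migration text are hypothetical stand-ins; the page names stripSqlComments and probeAndMarkApplied but does not show them.

```typescript
// Constructed migration text modelled on the failure described above; all names are hypothetical.
const MIGRATION_SQL = [
  "-- This file carries the project-side CREATE TABLE half of that move.",
  "/* The old CREATE TABLE legacy_rows statement was retired. */",
  "CREATE TABLE IF NOT EXISTS `release_notes` (id TEXT PRIMARY KEY, note TEXT DEFAULT '--none');",
].join("\n");

// Remove -- line comments and /* */ block comments. Quoted runs are matched first and
// returned unchanged, so a '--' inside a string literal is not mistaken for a comment.
function stripComments(sql: string): string {
  const token = /'(?:[^']|'')*'|"(?:[^"]|"")*"|`[^`]*`|--[^\n]*|\/\*[\s\S]*?\*\//g;
  return sql.replace(token, (m) => (m.charAt(0) === "-" || m.charAt(0) === "/" ? " " : m));
}

// Collect the table names that CREATE TABLE statements target.
function createTargets(sql: string): string[] {
  const re = /CREATE\s+TABLE\s+(?:IF\s+NOT\s+EXISTS\s+)?[`"]?(\w+)/gi;
  const found: string[] = [];
  let m: RegExpExecArray | null;
  while ((m = re.exec(sql)) !== null) found.push(m[1]);
  return found;
}

// Retry predicate that checks every error in the .cause chain, not only the outermost one.
function isTableExists(err: unknown): boolean {
  let cur: any = err;
  for (let depth = 0; cur && depth < 10; depth++) {
    if (/table .* already exists/i.test(String(cur.message))) return true;
    cur = cur.cause;
  }
  return false;
}
```

Run over the raw text, createTargets also reports the phantom targets half and legacy_rows taken from the comments; run over stripComments output it reports only release_notes.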
v2026.6.9
Added
- ADR display aliases now have real storage decoupled from the slug: a nullable attachments.display_alias column (forward-only migration) + a cleo docs set-alias <slug> <number> verb (ADR-scoped uniqueness → E_ALIAS_TAKEN, --clear), surfaced as displayNumber in cleo docs fetch/list. numbering.ts now prefers a stored alias over the slug-derived number, falling back to slug-derived when null — resolving the collision where multiple distinct adr-051-* decisions all rendered "051". (provenance: T11875; #984)
v2026.6.8
Added
- cleo doctor repair [--role <role>] [--dry-run] — malformed-DB recovery entry point that wraps the existing recover pipeline (quick_check → quarantine → restore-from-VACUUM-snapshot → re-quick_check), including the *.db-wal malformed case, giving operators a single repair verb (DHQ-060). (provenance: T11829; #980)
- docs.read core-SDK API — readDoc(slug) → typed DocReadResponse (decoded body + full provenance frontmatter; UTF-8 or base64 for binary blobs), a derived docs_wikilinks edge table (supersedes + relatedTasks + topics), and bidirectional cleo docs graph --backlinks with shares-topic doc↔doc edges — the live-view foundation for the docs SSoT. (provenance: T11825; #981)
- cleo docs fetch <slug> --content (alias --decoded) emits the decoded UTF-8 document body to stdout (default still returns the LAFS envelope), and cleo docs add --content "<text>" / --content - enable inline & stdin authoring without a pre-existing file (DHQ-017 / DHQ-056). (provenance: T10970; #982)
Changed
- Exodus on-open data-continuity gate now surfaces an abort to mutating callers: an exodusAbort marker + typed event on the re-opened handle, and assertWriteDurable() / ExodusAbortWriteUnsafeError (E_EXODUS_ABORT_WRITE_UNSAFE) reject on the write path while read opens never throw — closing the silent write-rollback gap where a rolled-back mutation returned success-shaped output (DHQ-059). (provenance: T11828; #979)